474172261 / DataProtector
A simple ransomware defender.It uses minifilter to filt "rewrite" and "delete" events in kernel.And it handles event in user mode.
☆26Updated 6 years ago
Related projects: ⓘ
- ☆27Updated 3 years ago
- ☆20Updated this week
- ☆32Updated 3 years ago
- Formely KMon, a Windows Kernel Driver designed to prevent malware attacks by monitoring the creation of registry keys in common autorun l…☆21Updated 10 years ago
- just an lite AntiRootkit for interesting☆23Updated 8 years ago
- Open Source Libraries Collection☆24Updated 8 years ago
- ☆12Updated 6 years ago
- ☆18Updated 9 years ago
- ☆31Updated this week
- x64 Kernel Hooks Detection☆24Updated 7 years ago
- Simple command line version of Sysinternals WinObj. Currently just lists object names and types given an object manager directory.☆19Updated last year
- The project is a demo solution for one of the anti-rootkit techniques aimed on overcoming splicers☆34Updated 7 years ago
- Wow64 syscall hook☆39Updated 7 years ago
- WoW64 -> x64☆18Updated 7 years ago
- Native file compressor using only the ntdll.dll☆10Updated 6 years ago
- Demo List cm/ps/ob/minifilter callback And Patch/Bypass it☆27Updated 6 years ago
- use crystalCPUID to identify vt-x & amd-v☆16Updated 9 years ago
- windows kernel File redirection☆18Updated 9 years ago
- copy of tdifw lib☆10Updated 7 years ago
- Ssdt Hook Detection tool☆11Updated 7 years ago
- fork HoShiMin Avanguard☆19Updated 5 years ago
- Notes my learning steps about Windows-NT☆22Updated 7 years ago
- User-mode program parsing logs created by HyperPlatform☆18Updated 8 years ago
- PE Infector/Cryptor source code☆15Updated 7 years ago
- Native Development Kit for Vista 64bit And Later, by me, Based on NDK Headers 1.0, by Alex Ionescu☆16Updated 8 years ago
- a network filter using NDIS hook technique☆18Updated 11 years ago
- Some eternal WIP stuff :)☆14Updated 2 months ago
- Try to transport the tcpip stack of ReactOS to Windows XP.☆18Updated 10 years ago
- User-mode process cross-checking utility intended to detect naive malware hiding itself by hooking IAT/EAT.☆18Updated 8 years ago
- ☆23Updated this week